Hello everybody,
Does SysLog supported by WinCC OA 3.16?
It is useful to exchange with plant log information.
Thanks a lot
Best regards
SysLog
Search
Re: SysLog
Can you please describe more detailed what the question/requirement is.
Which operating system are you using?
Best Regards
Leopold Knipp
Senior Support Specialist
Which operating system are you using?
Best Regards
Leopold Knipp
Senior Support Specialist
-
- Posts: 10
- Joined: Thu Dec 13, 2018 1:54 pm
Re: SysLog
Thanks for reply.
Below some details about the topic:
Our customer have an SIEM (security information and event management) server (based on IBM cybersecurity Qradar platform) where are collected all events related to security.
Customer requires that login and logout events in SCADA application shall be send to SIEM system through SYSLOG protocol (this protocol is not supported by Windows but there are some libraries that support this).
Does WinCCOA support the libraries described above?
The event result will be similar to the following (JSON format):
{
"Severity":"Info",
"Timestamp":"2019-03-31T12:02:05.836",
"System":"SCADA",
"Component":"SCADAGUI",
"Function":"Authentication",
"Message":"Login on SCADA by user domain\username",
"Operation":"Login",
"User":"username",
"Host":"localhost"
}
Best regards.
Below some details about the topic:
Our customer have an SIEM (security information and event management) server (based on IBM cybersecurity Qradar platform) where are collected all events related to security.
Customer requires that login and logout events in SCADA application shall be send to SIEM system through SYSLOG protocol (this protocol is not supported by Windows but there are some libraries that support this).
Does WinCCOA support the libraries described above?
The event result will be similar to the following (JSON format):
{
"Severity":"Info",
"Timestamp":"2019-03-31T12:02:05.836",
"System":"SCADA",
"Component":"SCADAGUI",
"Function":"Authentication",
"Message":"Login on SCADA by user domain\username",
"Operation":"Login",
"User":"username",
"Host":"localhost"
}
Best regards.
Re: SysLog
No but you can do that by your own. We have some customer who print out every event.
Im sure you can use some kind of REST API.
Best regards.
Im sure you can use some kind of REST API.
Best regards.
-
- Posts: 10
- Joined: Thu Dec 13, 2018 1:54 pm
Re: SysLog
Who manages this library? WinCC OA or our SIEM server?
Thanks a lot
Best regards
Thanks a lot
Best regards
-
- Posts: 23
- Joined: Mon Mar 02, 2015 11:33 am
Re: SysLog
Hi,
Would you suggest to build a custom API manager/driver for pushing Wincc OA data to a syslog server?
Is it possible to use the SNMP manager to establish a connection to a syslog server?
Thanks,
Vaso
Would you suggest to build a custom API manager/driver for pushing Wincc OA data to a syslog server?
Is it possible to use the SNMP manager to establish a connection to a syslog server?
Thanks,
Vaso
Re: SysLog
If you need to build an own manager for the communication to the syslog server depends on the interfaces the syslog server supports.
Please check with the vendor of the syslog server if there any interfaces which can be used.
Best Regards
Leopold Knipp
Senior Support Specialist
Please check with the vendor of the syslog server if there any interfaces which can be used.
Best Regards
Leopold Knipp
Senior Support Specialist